Whois identity theft
This involves using the personal contact information of a real person or company without their knowledge. In some instances, the only information that connects the registration information to the spammer is an e-mail address or telephone number: the rest of the information belongs to someone else. This is especially true when the content of the site itself is illegal, except in cases where an innocent website has been hijacked. Anyone who finds their personal information used in the registration information of a spam website should take several steps. The first is to check the "whois" information for details such as the registrar of the domain name of the site and the date of registration. There are many web sites on the internet that provide that information, such as Who.is , Namespace, or Internic. Type in the domain name to get the registration whois information. If contact information for the registrar is not included, check the list of ICANN accredited registrars What can you do if you are a victim? If your identity was stolen to register the domain name of an illegal website, you want it fixed. Whois information is public, and that links your name to illegal activity. Since domain name owners need protection from people who try to challenge their ownership of valuable names, there are protections in the system to prevent unauthorized people from making changes. There are also protections against registering domains with fake information, but it can be difficult to get them enforced. It's important to be persistant. Registration information could be stored in many locations on the internet and could be accessed years after the domain has expired. You don't want some misguided person happening upon your name when you are applying for a job and concluding you have a history of selling illegal drugs. In addition, you are assisting law enforcement by creating a record documenting the fact that the domain was fraudulently registered. If it happened to you, it happened to a lot of people. Your documentation could be one of the counts that gets someone locked up instead of being released with a warning to stop spamming. Follow the money If a spammer registered a domain with a stolen identity, how did he pay for it? Quite likely, with a stolen credit card, or debit card, or Paypal account, etc. And quite likely he had your card number, and that's why he chose to use your name to register the domain. Check the "created on" date in the whois to see when the domain was registered. Then check your bank and credit card statements for unauthorized charges around that date. You may well find charges for other domain registrations besides the one you already know about, unfortunately. If you see unauthorized charges, especially if there are small charges to several different domain registration companies, cancel your card immediately. It's not some clerical error. A criminal has your information. Speak with your bank/card issuer to explain the situation and get as much information as possible, especially contact information for the company that submitted the charge (not always obvious from your statement). Follow the instructions to get your charge refunded to make a legal record that you are not involved. If there are other charges, contact those registrars to find out what domain names were registered in your name with them. Request a credit report from one of the credit reporting bureaus. In the US, you do not have to pay to obtain a report in a case of identity theft. Recheck several months later. Consider placing a fraud alert on your account to make it more difficult for someone with your personal information to apply for new credit cards. Attempt to identify the means the spammer used to obtain your information. It may have been from public information such as telephone or real estate listings. But there is the possibility that you or someone you know has a computer virus that is sending the spammer information from computer address books or that is collecting information being typed into banking websites. It is not unusual for someone who has had to cancel a credit card because of fraudulent domain registrations to have a new card become compromised as well. If you suspect a malware infection on your computer, help is available from a number of forums, like spywarehammer.com, bleeping computer.com, majorgeeks.com, or techguy.org. You need to find out which domains were registered in your name to make sure your information is removed. You can't search the whois by registrant name, unfortunately. Private companies compile the data, but charge significant fees to provide it. You should first try to get the registrars involved to tell you which domain names were registered using your name/credit card. (They may insist on doing this by mail, or they may be willing to call you at the phone number in the registration if it is yours). Remember that registrars are victims in this fraud, too. They process large numbers of automated registrations and can't easily spot a fake registration when it uses a real name/address. And besides having to give the money back, your credit card company charges them a chargeback fee. However, you may find some that are not interested helping you, even if your credit card company has already notified them of the fraud. In order to prove they were not cooperating in the scheme to defraud you, they should release that information. Be prepared to provide proof of who you are, as some spammers will actually contest these suspensions, and registrars need to be able to legally justify their actions. Finding the registrar In most cases, if a spammer registered a domain name with a real person's identity, it will have been with an ICANN accredited registrar. Those are the most valuable domain names (.com, .net, .info, .org, etc.) to a scammer that doesn't want to arouse suspicion. You can find a list of the ICANN accredited registrars here, with email addresses and phone numbers. You may have to insist on speaking to their legal department, or you may have to send registered letters. Document all emails, web form submissions, phone calls and letters, and let them know you are doing it. If they knowingly leave your information on the internet in association with a criminal domain, they are defaming you. Should you be unable to get assistance from the contact information there, you can submit information at the Whois Data Problem Report System webpage. Unfortunately, the WDPRS system is deeply flawed and may refuse to accept your report if anyone has already reported the domain -- even if the spammer used it to report some accurate bit of information in order to block any reports about inaccurate information. Anyone who is encountering resistance or who needs help understanding the process can visit the anti-spam and anti-fraud forums for assistance. Category:Spammer issues